IssuerNameRegistry. This translates a
security token to a friendly token issuer name in the form of a
string. An IssuerNameRegistry is used to validate trusted
issuers, typically represented by X509 certificates.

IssuerTokenResolver. This is used to
resolve the issuer token, which represents the token that signed
the incoming token presented to the relying party application.

SecurityTokenHandlerCollectionManager.
This is a collection of token handler collections based on usage.
By default it contains the following collections: the default
collection, ActAs, and OnBehalfOf. ActAs and OnBehalfOf scenarios
are used during token issuance, so these token handlers do not need
to be configured by relying party applications. A relying party STS
(RP-STS) that consumes a request for security token (RST) that
contains an ActAs or OnBehalfOf token must have these token
handlers configured.

DefaultSymmetricKeySizeInBits. Gets or
sets the default key size in bits used in the issued token. This
applies only to issued tokens that contain a symmetric key.

DefaultMaxSymmetricKeySizeInBits. Gets
or sets the default key size limit in bits used check if the
KeySize specified in the request is within this limit. This applies
only to issued tokens that contain a symmetric key.

SecurityTokenHandlerConfiguration

SecurityTokenService.Scope Class

The Scope class contains information about a
Relying Party (RP). You can extend the Scope class to contain additional information,
such as token types accepted by the RP, default token lifetime,
maximum token lifetime, algorithm suites used by the RP, and so on.
The information in this class should not vary for individual
requests.